You are here
Information systems have become a strategic asset for most companies. As a result, system are increasing complex and open. Faced with the inexorable evolution of risks and of incidents - criminal groups are now very active in this field - organizations are subject to increased requirements in terms of risk management, whether through their general management or due to regulatory constraints (NRE laws, Sarbanes-Oxley...).
Today security devices, whether hardware or software, do not provide a comprehensive view of security and risks. Only a few detect problems in real time and thus don't really protect against them. And, in case of intrusion or virus, they seldomly allow to know the extent and the severity of the damages and thus don't help us to respond quickly to the issue.
With hundreds or thousands of sources of information & logs generating sometimes more than one million security messages per day, how could an organization control its actual risk exposure?
Furthermore, on a more global scope, the complexity of information systems has transofrmed IT asset management (licences...) into a real challenge. Remote sites, laptops, smartphones... Do you know which software are used in your company? Such asset management issue are directly related to IT security: if a new vulnerability is publicly disclosed, how to know if your organisation is exposed if you can't know if that software is used?
This situation forces us to think of new ways of managing IT assets, as far as security is concerned. For example, to ignore workstations and notably laptops or smartphone is no longer possible: they are the weak link in security, and are central to the issue of asset management. However, to centrally monitor the security of a fleet of hundreds or thousands of machines does not come naturally, and leads to completely review the architecture of Security Information and Event Management software (SIEM).
In this context, the automation and centralization of security supervision and of asset management are decisive factors and appear as the best solution to these problems.
With this new approach of mind, Alizé, our security supervision solution, allows total control of information systems. It is also light to use and allow to communicate widely on information systems and their management through fully customizable reporting.